Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software

Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities. The identified SQL injection vulnerability, tagged as CVE-2023-36934, could potentially allow unauthenticated attackers to gain unauthorized

Interested in $10,000,000? Ready to turn in the Clop ransomware crew?

Technically, it's "up to $10 million", but it's potentially a LOT of money, nevertheless...

S3 Ep140: So you think you know ransomware?

Lots to learn this week - listen now! (Full transcript inside.)

MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

Twice more unto the breach... third patch tested and released, shut down web access until you've applied it

More MOVEit mitigations: new patches published for further protection

Good news... more patches, this time available proactively

S3 Ep138: I like to MOVEit, MOVEit

Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available...)

MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…

Little Bobby Tables is back!